CyberSecurity & IT Jobs from the Boardroom to the S.O.C.



Sr. Internal Audit Manager - IT

Added 2018-09-16 15:37:27


The IT Audit Senior Manager should demonstrate an advanced understanding of IT, IT risk management, information security, IT architecture, and IT process areas. This individual will be responsible for leading and managing multiple IT operational audits, including performing risk assessments, developing audit scope and audit programs, executing audit programs, working independently, and supervising staff and Managers as required. The IT Audit Senior Manager is responsible for evaluating risks and controls for IT infrastructure, cyber security, and related IT processes. This evaluation will be accomplished by conducting internal audits, including formal written reports that communicate observations, risks, recommendations and conclusions. Responsibilities include the assessment and review of infrastructure, security, processes and technologies, and IT operations.
This role would be a best fit for a highly skilled individual with significant IT audit and/or information security experience at a Big 4 or reputable security consulting firm. If you have the right qualifications, a passion for technology, are deeply technical, can perform well with limited supervision, and build effective relationships across the organization, we would like to meet you.

Core Responsibilities Include:
The IT Audit Senior Manager is responsible for planning and executing the Internal Audit department’s IT operational audits and supporting the IT audit practice, including:
  • Scoping, planning, and executing multiple IT operational audits with an emphasis on information/cyber security as well as other IT process areas
  • Able to manage projects within budgetary and time constraints while providing a high level of client satisfaction
  • Stay apprised, engaged, and trained in emerging technologies and technology risks to feed into the development of IT risk assessments and audit programs.
  • Lead the audit execution for information security audits by coordinating with process owners to identify and test controls, validating process documentation, and analyzing IT and business information to identify improvement opportunities.
  • Working with the company's external auditors and federal regulators to support their annual audit and examination efforts
  • Drives project completion by reviewing and overseeing the completion of audit work papers, reviewing compensating controls and offering recommendations on risk mitigation
  • Manage the follow-up activities for remediation of issues identified and communicated to management
  • Build effective relationships with IT management, cyber security and incident response teams, web application development teams, and other risk functions throughout the bank.

  • Bachelor’s and/or master’s degree in computer science, computer engineering, management information systems, accounting information systems, or equivalent discipline.
  • 7+ years of experience in leading and conducting audits and/or assessments of key IT domains including information systems, cyber security, SDLC (Agile & waterfall), network & infrastructure architecture, application security, business continuity/disaster recovery, penetration testing, data management, and related processes.
  • Demonstrates ability to discuss and understand information security issues. Has solid understanding across a variety of IT areas such as:
      • Network and infrastructure architecture
      • Operating system/database administration & security
      • Threat and vulnerability assessment
      • Infrastructure and web application security
      • Identity and access management
      • Incident response
      • Cyber security, defense-in-depth, kill-chain
      • SDLC (Waterfall / Agile) & Change Management
      • Data management, data protection, and data privacy
      • Cloud security
      • Business continuity and disaster recovery
      • Computer operations
  • Ability to understand and communicate highly technical issues to both technical and non-technical audiences supported by a strong understanding of concepts related to information security, architecture, and technology risks.
  • Familiarity and understanding of major professional security and audit frameworks and standards (NIST, ISO 27001, ITIL, COBIT, PCI-DSS, etc.)
  • At least one professional certification required, preferably multiple, such as CISSP, CISA, CISM, GSEC, GPEN, GSLC, or equivalent.
  • Strong project management and organizational skills, with the capability to work on multiple projects with minimal direction in a dynamic and fluid environment with rotating priorities
  • Pro-active, high energy and strong interpersonal skills with a team-focused attitude, demonstrating the ability to collaborate and compromise while building constructive and effective relationships
  • Previous experience with attack and penetration testing and/or cyber incident response a plus
  • Financial services industry and regulatory experience preferred. Big 4 or security consulting firm experience preferred.

Specific details

Employment Type Full time
Degree 4 Year Degree
Salary Range ---


California, United States, North America
Santa Clara, 95054

